<script>
	function checkAll(theForm, cName, status) {
		for (i=0,n=theForm.elements.length;i<n;i++)
		  if (theForm.elements[i].className.indexOf(cName) !=-1) {
		    theForm.elements[i].checked = status;
		  }
	}
	//show and hide
	function custom_per(){
		//document.getElementById("all").style.display = '';
		document.getElementById("custom_per").style.display = '';
	}
	function all_per(){
		//document.getElementById("txtpro_id").style.display = 'none';
		document.getElementById("custom_per").style.display = 'none';
	}
</script>
<!-- end slide -->

<?php
	/* check permission user */
	function check_per($user_id){
		$sql="SELECT controller_id FROM  controllers_permission WHERE user_id='".$user_id."'";
		$result=query($sql);
		while($row=fetch_array($result)){
			$controller_id .=$row['controller_id']."-";		
		}
		//make controller_id to array
		$controller=substr($controller_id,0,-1);
		return $controller_arr = explode("-",$controller);
	}
	if(isset($_REQUEST['user_id'])){
		$user_id=$_REQUEST['user_id'];
		$controller_arr=check_per($user_id);
	}
?>
<?php
	if(isset($_POST['submit'])){
		
		$userId=$_POST['txtuser_id'];
		$user_name_per=$_POST['txtuser_name'];
		$where=array("user_id" => $userId);
		$value=$_POST['chk'];
		//insert specific permission 
		if($_POST['rdpermission']=="custom"){
			// Check Old Permission
			$duplicate =duplicate("controllers_permission",$where);		
			if ($duplicate)
			{
				//delete old permission
				$delete=delete_data("controllers_permission",$where);
			}
			//insert new permission
			if(count($value)>0){
				foreach( $value as $key){
					$sql="INSERT INTO controllers_permission (user_id,controller_id) VALUES ($userId,$key)";
					$result=query($sql);
				}// end foreach
				if($result)
					// save activity log
					$module		= 'Permission';
					$message	= 'Create New Permission for user: '.$user_name_per;
					$affected_row=saveActivityLog($module,$message,getUserName());
					if($affected_row)
						pageRedirect("index.php?page=user_list&action=user_permission&user_id=$userId&user_name_per=$user_name_per&","Inserted permission successfull...!");	
			}else
				pageRedirect("index.php?page=user_list&action=user_permission&user_id=$userId&user_name_per=$user_name_per&","Please select permission to assign...!");
			
		}else{
			//Check Old Permission
			$duplicate =duplicate("controllers_permission",$where);		
			if ($duplicate)
			{
				//delete old permission
				$delete=delete_data("controllers_permission",$where);
			}
			//insert all permission
			$sql="SELECT id FROM controllers";
			$result=query($sql);
			while($row=fetch_array($result)){
				$sql_all="INSERT INTO controllers_permission (user_id,controller_id) VALUES ($userId,$row[id])";
				$result_all=query($sql_all);		 
			}//end while
			
			if($result_all)
				// save activity log
				$module		= 'Permission';
				$message	= 'Create New Permission  for user: '.$user_name_per;
				$affected_row=saveActivityLog($module,$message,getUserName());
				if($affected_row)
			 		pageRedirect("index.php?page=user_list&action=user_permission&user_id=$userId&user_name_per=$user_name_per&","Inserted permission successfull...!");	
		}

	}
?>

<div class="action">
         <div class="management">
               Add New Permission For User: <span class="user"> <?php echo $user_name_per= $_REQUEST['user_name_per']=="" ? $_SESSION["user_name_per"]:$_REQUEST['user_name_per'];?></span>
         </div>
         <div class="new">
               
    	  </div>
	</div>
    <div class="sms">
        <?php 
        if(isset($_REQUEST['msgStatus'])){
            echo $_REQUEST['msgStatus'];
        }else{echo @$errors;}
        ?>
    </div>	
    <div style="clear:both"></div>

<?php
	// check status of user
	if($_REQUEST['user_id']==1)
	{
		$user_status=$_REQUEST['user_id'];
		$all="checked=\"checked\"";
		$custom="";
		$checked_admin="checked=\"checked\"";
	}else
	{
		$custom="checked=\"checked\"";
		$all="";

	}//end else check user
?>
<form action="index.php?page=user_list&action=user_permission" method="post" name="selectForm" id="selectForm">
    <tr>
        <td colspan="2">
              &nbsp;&nbsp;&nbsp;&nbsp; Permission
        </td>
        <td >
            <input type="radio" id="custom"  name="rdpermission" value="custom"  <?php echo $custom;?> onClick="JavaScript:custom_per()"> Custom
        </td>
        <td >
            <input type="radio" id="all"  name="rdpermission" value="all" <?php echo $all;?> onClick="JavaScript:all_per()"> All <br/><br/>
        </td>
       
     </tr>
         
<div id="custom_per">
         <?php
			$sql = "SELECT c.id,c.category_id,  c.name , c.description, cc.module_name, cc.module_type FROM controllers as c
					INNER JOIN controllers_category as cc ON c.category_id=cc.id ORDER BY cc.module_name";
			$result = mysql_query($sql);
			$controller_id="";
			while ( $row = mysql_fetch_object($result)){        
         ?>
		<?php
            //check has permission or not, if has checked
            if(count($controller_arr)>0){
                $un_checked = array_search($row->id, $controller_arr);
                if($un_checked === false){
                    $checked_user="";
                }else{
                    $checked_user="checked=\"checked\"";
                }
            }	
            
            if($controller_id != $row->category_id) {
                echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;". $row->module_name . "<input type=\"checkbox\" onclick=\"checkAll(document.getElementById('selectForm'), "."'".$row->category_id."', this.checked);\"/><br>";
                $controller_id = $row->category_id;
       
            }//end if
                
        ?>
        <div>
           &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;  <input type="checkbox" name="chk[]" value="<?php echo $row->id;?>" class="<?php echo $row->category_id;?>"  <?php echo $checked = $user_status == 1 ? $checked_admin:$checked_user;?>  /> Description: <?php echo $row->description;?>
            <br><br>
        </div>
                    
         <?php } //end while ?>
        <input type="hidden" name="txtuser_id" value="<?php echo $user_id_per=$_REQUEST['user_id']=="" ? $_SESSION["user_id_per"]:$_REQUEST['user_id'];?>"  />          
        <input type="hidden" name="txtuser_name" value="<?php echo $user_name_per= $_REQUEST['user_name_per']=="" ? $_SESSION["user_name_per"]:$_REQUEST['user_name_per'];?>"  />          
</div><!-- end custom_per -->
    <tr>
        <td colspan="3">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input class="bg_btn_ok" type="submit" name="submit" value="Submit" /></td>
        <td colspan="3">&nbsp;&nbsp;<input class="bg_btn_cancel" type="button" name="btnCancel" value="Cancel" onclick="redirect('index.php?page=user_list&action=user_list')" /></td>
    </tr>
</form>